LAS VEGAS, July 25, 2017 - At Black Hat USA 2017, AlienVault®, the leading provider of Unified Security Management™ (USM™) and crowdsourced threat intelligence, announced that its Open Threat Exchange® (OTX™) — the world’s first truly open threat intelligence community — has grown to more than 65,000 participants, a 20 percent quarter-on-quarter growth, sharing more than 14 million pieces of threat data daily.
OTX has democratized the threat intelligence market — any OTX participant can easily contribute and consume threat information for free. It is open security for all, powered by the community. To build on OTX successes, AlienVault is introducing several new features to AlienVault OTX™ including Groups, Adversary Pages and Easy Pulse Creation Tools in addition to adding several new standardized data formats to the OTX environment: STIX, TAXII, and YARA. AlienVault USM Anywhere™ users will soon be able to enjoy deeper threat analysis and tighter integration with OTX through a new threat intelligence framework, helping resource-constrained security teams to automate and orchestrate their threat detection and incident response activities. Armed with these new features, OTX members will be able to more readily identify and respond to threats and indicators of attack, and take steps to protect their environments before they’re at risk.
“AlienVault OTX proves that the most powerful tool in the fight against cybercrime is community collaboration,” Jaime Blasco, Vice President and Chief Scientist at AlienVault said. “And we have the best community online. Our OTX enhancements will provide our users with the tools they need to share the most recent threat intelligence they have on the most complex adversaries in the industry faster than ever before. In return, they get the most relevant and timely threat indicators they need to protect their environment for free.”
New OTX Enhancements Enable Collaboration & Threat Response
These updates come at a critical time as more and more companies find themselves exposed to fast-acting, and damaging, ransomware attacks. OTX is a proven tool to keep up with these threats. In fact, OTX identified indicators of compromise and issued protections against the Petya ransomware within the first two hours of its initial attack. In addition to its rapid response to Petya, AlienVault researchers also managed to add coverage for the EternalBlue exploit 18 days before the WannaCry ransomware hit the internet.
OTX Users Prioritize Threats & Focus on What Matters Most
“The information in OTX helps me to effectively prioritize threats from high to low. That in turn allows me to spend more time analyzing events that are deemed higher priority. It’s also educating me about what kind of threats security professionals are observing around the world. Many of the actual alerts OTX is sending allows me to also take preventative measures. Even if I haven’t seen any of the traffic, I am able to look at what malicious actors are doing, and then actually block malicious IP addresses,” said Jeff Dalton, Information Security Officer, Bank of Marin.
“I believe the best aspect of the AlienVault system comes ultimately from the community of users. The OTX activity notifications provides me with a great wealth of knowledge that I would not get otherwise. This is my first true experience in managing a service such as AlienVault for a long period of time. The community support is a great reference for smaller IT departments like mine that have limited resources to stay up to date with emerging threats,” said James Ellsworth, IT Technician, Sierra Gold Nursery.